One rather dedicated AC is promoting this simple argument:
Cause and effect...you take the risk, you get the benefit. You lay the cable, you make the rules.
Here's the simple response:
Fine. You connect to the Internet, then we (the taxpayers who funded it) make the rules in the form of regulations put forth by our representatived in goverment. If those who own the cable find those rule onerous, then they can create their own private network. No Yahoo. No Slashdot. No ETrade. Just whatever they can come up with. I'll bet they'll get a ton of subscribers on that network.
Meanwhile, people who don't mind playing by the rules can enjoy the Internet boom with the rest of us.
The Internet was developed over several decades by the government using public funds. As Lessig points out in his paper (which, by the speed of the first few responses, I doubt many have read), there have been other publicaly-accessable WANs that did not grow so rapidly.
Remember Compuserve, Prodigy, and AOL before they were ISPs? Where are they now? They promised "e-shopping" and "online information" in the early 80's. Instead, nothing happened until the Internet opened up in the mid-90's (and yes, you should thank Al Gore). The Internet developed as a free (libre) network because its public funding allowed it that agenda.
What I see today is a lot of people saying,"Thanks, Uncle Sam for making this great network... now get the hell out of it so we can strangle it to death in the name of the almighty dollar." I can't believe that the so-called "voices of freedom" are demanding that corporate interests be allowed to achieve levels of control that would be dangerous to said freedom. AOL already controls more media time than prime-time television. Good for them, but doesn't that make any of you a little nervous that they might begin to abuse that power?
Microsoft is not the only company that practices "embrace and extend."
Lately, I've been running into some eBusiness clients who are taking a burning interest in 64-bit architectures. Why? Because they keep tons and tons of data in memory (even across servers) and 2GB of addressable RAM is a limitation when their site expands.
My thought was "I used to write applications that ran pretty well on a 1MHz processor in 16K -- maybe you should tighten up your code," but they are adamant about it. Unless Yahoo's patent is too narrow to apply to anything beyond some special case that works only for them, it should bluescreen the moment it's challenged.
There are estimated 10-20 Million Linux installs. If that figure is accurate (and at that wide range, it probably is), then Linux is easily as "popular" as Apple's "popular" iMac.
Remember, the iMac set PC sales records. Similarly, IBM's OS/2 was the #1 selling piece of software for months after its release. That's pretty popular.
Also, keep in mind that "popular" also means "of interest." I know a lot of people who don't use Linux -- and maybe never will -- who talk about it, know about... have an interest in it.
So, yes Virginia, Linux may be popular and pose no threat to Microsoft at the same time depending on how you use the rather subjective term "popular."
That should be obvious...
Indeed it is frustrating when you find yourself having to explain the fucking obvious.
...is being on the recieving end of Microsoft mafioso tactics. I worked at a company that I will not name. I will give you the hint that it released the first Windows application ever. This app hit store shelves a week before Windows 1.0, due to now-legendary MS schedule slips.
This company proceeded to "enjoy" a tight working relationship with Microsoft for nearly half a decade. During this time, Microsoft stole source code (and settled out of court), threatened to withdraw support, threatened lawsuits (they said they were going to sue us for a trademark their own lawyers had helped us get a year earlier) and in one amusing incident, Bill Gates himself screamed at our CEO and COO like a 12-year-old having a tantrum.
Better products? Yeah, right. To wit:
If [OS/2] had been "absolutely, positively 100% Windows compatible, only better!", [IBM] would have won.
Uh huh. It must be Linux's "absolutely, positively 100% Windows" compatability that's driving its current popularity. Right?
Microsoft have been found to be felons in a court of law. I don't have any pity when the government "seize[s] the assets" of criminals.
Y'know... I tried to be very focused with this criticism, rather than saying "Slashdot sucks." Obviously a waste of effort, as any criticism is clearly not tolerated.
Maybe there's another moderator out there with some remnant of intellectual honesty (careful, Those Who Run Slashdot(tm) may yank your moderator status without warning).
You are correct that whining about the world being a cruel place is childish, but that's not the point.
TRUSTe certifications are backed by accountant's signatures on opinions (there are technical teams that work for these accountants to validate the opinion). If an accountant signs a fraudulent opinion they are guilty of the same crime that a doctor commits if he or she performs the wrong operation: malpractice. That's why "Big 5 accounting firms" are involved in TRUSTe -- because their statements give TRUSTe the weight of authority.
Doctors are certified to perform medicine, lawyers are certified to give opinions and accountants are certified to attest to things. If the quality of these certifications are not legally enforced, then they are pointless. Competant lawyers and accountants are not just filling a "market need", they provide needed infrastructure for the world net junkies like you have come to rely on.
I agree with the other apologists that it's not worth tossing out a whole site (especially one as valuable as this one) just because of one screwup, but let's be honest: this interview is a screwup.
Everything netmask5 says about John is supported by credible sources. John doesn't need a voice in an previously credible forum such as this one!
Who else "deserves equal time" on Slashdot? What other "know thy enemy" interviews do we need? What other crap should Slashdot cover as on account of "journalistic integrity"?
Should Slashdot interview people who deny the Nazi Holocaust? No, because those people are malicious loonies who should be -- at least -- assiduously ignored. The only reason these people get any exposure is because of weak-minded "journalists" who hold some inexplicable belief that every story has "two sides" (there's another side to the existance of the Holocaust?!).
I wouldn't launch this complaint if Slashdot was an "agenda-free" site. If Slashdot really tried to present a balanced, neutral information flow, it wouldn't be fair to complain about editorial decisions (because, theoretically, there wouldn't be such a thing). But this is not the case.
Those Who Run Slashdot(tm) have clear biases and agendas. That's not a crime in any way, but it does make them contemptable hypocrites when they grant the honor of Slashdot exposure to a total jerk and hide behind a pretense of being an organization that promote "freedom of information."
Perl is the dominant choice for CGI among Perl programmers. Surprise, surprise.
Among programmers still clever enough to learn new techniques, there are several "CGI" methods that are rapidly eclipsing Perl:
ASP. Yeah, it's Microsoft and it's not too scalable, but it's easy and fast to write and comes with some decent visual tools. Great for small-to-midsize web sites and web site prototypes.
Java Servlets. This technology is explained at length in other posts.
PHP. Fast, flexible.
Python. OO, easy to learn.
I think there have been some great posts outlining Perl's shortcomings, so I won't reiterate them here. Are there a lot of sites using Perl? Yup. How many new sites are going to be Perl-based? None that I've seen.
Other languages could have taint modes, but they don't. So I recommend using only Perl for CGI.
Yeah, too bad that instead of "taint mode", Java is stuck with an incredibly sophisticated security model. Java security can allow fine-grained control over I/O based on who who wrote the code, who invoked it, where it was loaded from -- pretty much anything.
Perl does data flow analysis, tracking what data either come from or are influenced by outside, untrusted ("tainted") data like environment variables and file contents
How quaint.
P.S. For those hitting the reply button to rant about "Java Security Bugs" please read up on the difference between server-side and client-side Java, the difference between JavaScript and Java and don't forget to start your post "I'm and idiot..."
What?! Tests by drunk people?! Cite a reference here -- my experience is that this is statement pull bullshit. IIS/ASP is a great RAD environment, but add COM and scale it up and you are in for a world of hurt. (BTW, the famous Mindfuck... er... Mindcraft study carefully avoided using ASP or COM in it's tests... hmmmm).
Why do you think that Microsoft's own Hotmail runs on Solaris?
These stupid fuckers don't have a case (as pointed out by others). They probably have some idiot typing "for Dummies" into a search engine each day, trying to ferret out legitimate misuses of their trademark. That idiot is probably named "Isabelle Drewelow." In all likelihood, she found your archive page and shot off a form letter.
If you respond to them at all, just say "There is no misuse of your trademark on my site," and nothing else. If you carefully explain why they are wrong, you give them something to attack, which will put you in a weaker legal position if it comes to that (which it shouldn't anyway).
My personal rule is to ignore all threatening correspondance that does not come from actual lawyers ("Trademark Coordinator" bitches don't count).
If there was one point that was made repeatedly at Defcon this year... now some 16 year old is going to set up a machine on the edge of some doctor's network and get their digital id
You went to Defcon? You must be so K3WL! You forgot another point at Defcon, however: the one on the top of your head.
Not only do you show a woeful lack of understanding of public-key cryptography, but you are also unaware that HIPAA regulations address physical security concerns.
Healthcare Information Portability and Accountability Act. It's not just a good idea, it's the law (in the USA). Within the next two years, agencies dealing in personalized medical records will be forced to submit to HIPPA regulation. This includes hospitals, "health web sites," pharmaceutical companies and so forth. If they have your medical data, they must conform to HIPPA.
What does that mean?
Medical data must be stored in a secure manner. Yes, there is no perfect security, but let's just say that Windows NT is about to suffer greatly in the medical marketplace...
Medical data must be protected in transit. That means RC4-128bit or 3DES. Even on a hospital LAN. That's right: sanity at last.
There must be published and audited policies and procedures governing storage, transit and disclosure of electronic medical records. That may sound like a drag to Slashdotter's who work in chaotic, fast-paced tech companies, but this bureucratic overhead means clear liability concerning your personal data.
Included in the auditability guidelines is non-repudiation. This means digital signatures and X.509 certificates. This is an excellent technology which has been resisted due to cost and complexity. Not anymore.
Bottom line: nobody is going to be putting your medical records on a public website.
"It's like being a God," says one of host's Serenea Altshul's cyberrenegades on his ability to wreak online havoc. But just when you're convinced that, yes, hacking's just an ego-boosting revenge of the nerds, along comes another keyboard cowboy with more righteous aims as he asks,"If Big Brother is watching me, why can't he be watched also?"
I didn't mean that that whole OSI model should be tossed, just that is shouldn't be applied strictly
Take IP and ATM: both "Layer 3." What does it mean if you have IP running over ATM or ATM over IP? Or NETBIOS over IP over ATM on top of Carrier Pigeons? It "Layer 2 Tunnelling Protocol" (L2TP) really Layer 2? Who cares!
The OSI model is a great starting place for modeling protocols, but the era where it can be taken as "dogma" are pretty much gone.
Why should we believe this is secure? Where is the spec? Read the IPSec spec. It's wide open. RSA, DH, X.509, 3DES... this is not a "black box" system.
Why physical layer security? This isn't physical layer security. The poster who though it was was wrong. If you want to adhere to strict OSI layer definitions -- well, you're out of touch with modern networking reality, but if you do -- then this is a Link Layer security.
Why should we trust hardware? The NSA only trusts hardware. After you verify that it performs the correct operations, then you don't have to worry about someone hacking it -- even if they 0wnZ your box. Please don't waste your time with hair-splitting "what if" scenarios; we all know there's "always a way to circumvent security," but when it requires physical access to a box, it's much, much, harder.
Hasn't this been done? Yes. IPSec is a standard. Lots of people are doing it. There is IPSec technology being built into the Linux IP stack. That means you can VPN to your pals with a RedCreek VPN or a Network Alchemy gateway or one of these Intel network cards.
Please return to your regularly scheduled rants about FBI/NSA/CIA conspiracies.
Do you even know what Sabre is? Ever see the specs on the largest and fastest transaction system on the planet?
You mean VISA/Mastercard?
No, I mean Sabre. VISA and Mastercard are different companies, by the way.
Last time I checked, Sabre was so far out there that it did not even run on an OS - the program ran straight on silicon.
No again. It runs on TPF. That's an OS from IBM.
And yes, I know Catepillar makes Big dump trucks and goofy boots.
Well, you're getting closer to reality, but I think you are still safely outside its gravitational field.
Caterpillar makes, among other things, big dump trucks. Big like the size of a 4-bedroom ranch house. Big enough to need sophisticated AI computers just to drive them.
Tell ya what, why don't you take another bong hit and finish this debate with the voices in your head.
Looking at recent studies, C++ is still overwhelmingly ahead.
And NT is beating Linux. That proves...what? Five years from now, do you expect anyone to question Linux as a competitor to NT? Do you remember five years ago?
Read Larry Wall's 3rd State of the Onion for more info.
Yeah, more info on chemistry trivia and Larry Wall's inability to write a coherent speech.
Perl is still a better language for getting real work done...
I think you mean "Perl is a better language for getting my work done..." Maybe it is. Great, keep using it.
Java is a better language for getting my work done, which is multi-platform client/server programming. I have to deploy applications on HP Unix machines, Windows NT, AS/400s and Linux. To do this, I use emacs and Java on Linux. I write and test on Linux and then I'm ready to deploy. I can't imagine what kind of horror I'd face doing this in Perl or (shudder) C++.
I used to write device drivers. Perl for that? Even Larry Wall wouldn't suggest it. Very few people even use C++ for drivers. How about Java? No way! It's the whole "right tool for the problem" concept. Look into it.
Look at small internet consulting companies to see who is making more intelligent decisions.
Intelligent decisions about what? How to code a Perl script to display the latest prices at "Joe's Computer Barn" or how to architect the IT infrastructure for a multi-billion-dollar global organization for the next 5-10 years?
Your implication that the companies I listed are low-tech is laughable. Caterpillar? Do you know what they make? Do you even know what Sabre is? Ever see the specs on the largest and fastest transaction system on the planet?
Slashdot Mirror
However, they needed to be posted due to the enormous number of people using Communism (and its stigma) to tar Linux.
- Cause and effect...you take the risk, you get the benefit. You lay the cable, you make the rules.
Here's the simple response:Fine. You connect to the Internet, then we (the taxpayers who funded it) make the rules in the form of regulations put forth by our representatived in goverment. If those who own the cable find those rule onerous, then they can create their own private network. No Yahoo. No Slashdot. No ETrade. Just whatever they can come up with. I'll bet they'll get a ton of subscribers on that network.
Meanwhile, people who don't mind playing by the rules can enjoy the Internet boom with the rest of us.
(Whohoo! 17th post!)
Remember Compuserve, Prodigy, and AOL before they were ISPs? Where are they now? They promised "e-shopping" and "online information" in the early 80's. Instead, nothing happened until the Internet opened up in the mid-90's (and yes, you should thank Al Gore). The Internet developed as a free (libre) network because its public funding allowed it that agenda.
What I see today is a lot of people saying,"Thanks, Uncle Sam for making this great network... now get the hell out of it so we can strangle it to death in the name of the almighty dollar." I can't believe that the so-called "voices of freedom" are demanding that corporate interests be allowed to achieve levels of control that would be dangerous to said freedom. AOL already controls more media time than prime-time television. Good for them, but doesn't that make any of you a little nervous that they might begin to abuse that power?
Microsoft is not the only company that practices "embrace and extend."
Is your site AOL approved?
My thought was "I used to write applications that ran pretty well on a 1MHz processor in 16K -- maybe you should tighten up your code," but they are adamant about it. Unless Yahoo's patent is too narrow to apply to anything beyond some special case that works only for them, it should bluescreen the moment it's challenged.
There are estimated 10-20 Million Linux installs. If that figure is accurate (and at that wide range, it probably is), then Linux is easily as "popular" as Apple's "popular" iMac.
Remember, the iMac set PC sales records. Similarly, IBM's OS/2 was the #1 selling piece of software for months after its release. That's pretty popular.
Also, keep in mind that "popular" also means "of interest." I know a lot of people who don't use Linux -- and maybe never will -- who talk about it, know about... have an interest in it.
So, yes Virginia, Linux may be popular and pose no threat to Microsoft at the same time depending on how you use the rather subjective term "popular."
- That should be obvious...
Indeed it is frustrating when you find yourself having to explain the fucking obvious.This company proceeded to "enjoy" a tight working relationship with Microsoft for nearly half a decade. During this time, Microsoft stole source code (and settled out of court), threatened to withdraw support, threatened lawsuits (they said they were going to sue us for a trademark their own lawyers had helped us get a year earlier) and in one amusing incident, Bill Gates himself screamed at our CEO and COO like a 12-year-old having a tantrum.
Better products? Yeah, right. To wit:
- If [OS/2] had been "absolutely, positively 100% Windows compatible, only better!", [IBM] would have won.
Uh huh. It must be Linux's "absolutely, positively 100% Windows" compatability that's driving its current popularity. Right?Microsoft have been found to be felons in a court of law. I don't have any pity when the government "seize[s] the assets" of criminals.
Maybe there's another moderator out there with some remnant of intellectual honesty (careful, Those Who Run Slashdot(tm) may yank your moderator status without warning).
TRUSTe certifications are backed by accountant's signatures on opinions (there are technical teams that work for these accountants to validate the opinion). If an accountant signs a fraudulent opinion they are guilty of the same crime that a doctor commits if he or she performs the wrong operation: malpractice. That's why "Big 5 accounting firms" are involved in TRUSTe -- because their statements give TRUSTe the weight of authority.
Doctors are certified to perform medicine, lawyers are certified to give opinions and accountants are certified to attest to things. If the quality of these certifications are not legally enforced, then they are pointless. Competant lawyers and accountants are not just filling a "market need", they provide needed infrastructure for the world net junkies like you have come to rely on.
Everything netmask5 says about John is supported by credible sources. John doesn't need a voice in an previously credible forum such as this one!
Who else "deserves equal time" on Slashdot? What other "know thy enemy" interviews do we need? What other crap should Slashdot cover as on account of "journalistic integrity"?
Should Slashdot interview people who deny the Nazi Holocaust? No, because those people are malicious loonies who should be -- at least -- assiduously ignored. The only reason these people get any exposure is because of weak-minded "journalists" who hold some inexplicable belief that every story has "two sides" (there's another side to the existance of the Holocaust?!).
I wouldn't launch this complaint if Slashdot was an "agenda-free" site. If Slashdot really tried to present a balanced, neutral information flow, it wouldn't be fair to complain about editorial decisions (because, theoretically, there wouldn't be such a thing). But this is not the case.
Those Who Run Slashdot(tm) have clear biases and agendas. That's not a crime in any way, but it does make them contemptable hypocrites when they grant the honor of Slashdot exposure to a total jerk and hide behind a pretense of being an organization that promote "freedom of information."
Feh.
Among programmers still clever enough to learn new techniques, there are several "CGI" methods that are rapidly eclipsing Perl:
- ASP. Yeah, it's Microsoft and it's not too scalable, but it's easy and fast to write and comes with some decent visual tools. Great for small-to-midsize web sites and web site prototypes.
- Java Servlets. This technology is explained at length in other posts.
- PHP. Fast, flexible.
- Python. OO, easy to learn.
I think there have been some great posts outlining Perl's shortcomings, so I won't reiterate them here. Are there a lot of sites using Perl? Yup. How many new sites are going to be Perl-based? None that I've seen.Yeah, too bad that instead of "taint mode", Java is stuck with an incredibly sophisticated security model. Java security can allow fine-grained control over I/O based on who who wrote the code, who invoked it, where it was loaded from -- pretty much anything.
Perl does data flow analysis, tracking what data either come from or are influenced by outside, untrusted ("tainted") data like environment variables and file contents
How quaint.
P.S. For those hitting the reply button to rant about "Java Security Bugs" please read up on the difference between server-side and client-side Java, the difference between JavaScript and Java and don't forget to start your post "I'm and idiot..."
What?! Tests by drunk people?! Cite a reference here -- my experience is that this is statement pull bullshit. IIS/ASP is a great RAD environment, but add COM and scale it up and you are in for a world of hurt. (BTW, the famous Mindfuck... er... Mindcraft study carefully avoided using ASP or COM in it's tests... hmmmm).
Why do you think that Microsoft's own Hotmail runs on Solaris?
If you respond to them at all, just say "There is no misuse of your trademark on my site," and nothing else. If you carefully explain why they are wrong, you give them something to attack, which will put you in a weaker legal position if it comes to that (which it shouldn't anyway).
My personal rule is to ignore all threatening correspondance that does not come from actual lawyers ("Trademark Coordinator" bitches don't count).
Oh yeah, Sun did.
You went to Defcon? You must be so K3WL! You forgot another point at Defcon, however: the one on the top of your head.
Not only do you show a woeful lack of understanding of public-key cryptography, but you are also unaware that HIPAA regulations address physical security concerns.
Go find my note on HIPAA.
What does that mean?
- Medical data must be stored in a secure manner. Yes, there is no perfect security, but let's just say that Windows NT is about to suffer greatly in the medical marketplace...
- Medical data must be protected in transit. That means RC4-128bit or 3DES. Even on a hospital LAN. That's right: sanity at last.
- There must be published and audited policies and procedures governing storage, transit and disclosure of electronic medical records. That may sound like a drag to Slashdotter's who work in chaotic, fast-paced tech companies, but this bureucratic overhead means clear liability concerning your personal data.
- Included in the auditability guidelines is non-repudiation. This means digital signatures and X.509 certificates. This is an excellent technology which has been resisted due to cost and complexity. Not anymore.
Bottom line: nobody is going to be putting your medical records on a public website.Grade: B
If you want to tell your kids that computers are "Tools, not toys," go ahead. Don't forget to add that sex is dirty and drugs are bad m'kay?
-trp
P.S. You're a tool (See #4).
I didn't mean that that whole OSI model should be tossed, just that is shouldn't be applied strictly
Take IP and ATM: both "Layer 3." What does it mean if you have IP running over ATM or ATM over IP? Or NETBIOS over IP over ATM on top of Carrier Pigeons? It "Layer 2 Tunnelling Protocol" (L2TP) really Layer 2? Who cares!
The OSI model is a great starting place for modeling protocols, but the era where it can be taken as "dogma" are pretty much gone.
Please return to your regularly scheduled rants about FBI/NSA/CIA conspiracies.
Spend it wisely. Take some Java classes.
(snicker)
Thanks for using mine, too.
- Do you even know what Sabre is? Ever see the specs on the largest and fastest transaction system on the planet?
You mean VISA/Mastercard?No, I mean Sabre. VISA and Mastercard are different companies, by the way.
Last time I checked, Sabre was so far out there that it did not even run on an OS - the program ran straight on silicon.
No again. It runs on TPF. That's an OS from IBM.
And yes, I know Catepillar makes Big dump trucks and goofy boots.
Well, you're getting closer to reality, but I think you are still safely outside its gravitational field.
Caterpillar makes, among other things, big dump trucks. Big like the size of a 4-bedroom ranch house. Big enough to need sophisticated AI computers just to drive them.
Tell ya what, why don't you take another bong hit and finish this debate with the voices in your head.
And NT is beating Linux. That proves...what? Five years from now, do you expect anyone to question Linux as a competitor to NT? Do you remember five years ago?
Read Larry Wall's 3rd State of the Onion for more info.
Yeah, more info on chemistry trivia and Larry Wall's inability to write a coherent speech.
Perl is still a better language for getting real work done...
I think you mean "Perl is a better language for getting my work done..." Maybe it is. Great, keep using it.
Java is a better language for getting my work done, which is multi-platform client/server programming. I have to deploy applications on HP Unix machines, Windows NT, AS/400s and Linux. To do this, I use emacs and Java on Linux. I write and test on Linux and then I'm ready to deploy. I can't imagine what kind of horror I'd face doing this in Perl or (shudder) C++.
I used to write device drivers. Perl for that? Even Larry Wall wouldn't suggest it. Very few people even use C++ for drivers. How about Java? No way! It's the whole "right tool for the problem" concept. Look into it.
Intelligent decisions about what? How to code a Perl script to display the latest prices at "Joe's Computer Barn" or how to architect the IT infrastructure for a multi-billion-dollar global organization for the next 5-10 years?
Your implication that the companies I listed are low-tech is laughable. Caterpillar? Do you know what they make? Do you even know what Sabre is? Ever see the specs on the largest and fastest transaction system on the planet?
Puh-leeez.